Date: Tue, 21 May 1996 23:53:40 -0700 (PDT) From: "Rodney W. Grimes" <rgrimes@GndRsh.aac.dev.com> To: tom@uniserve.com (Tom Samplonius) Cc: coredump@nervosa.com, freebsd-security@FreeBSD.ORG Subject: Re: [linux-security] Things NOT to put in root's crontab (fwd) Message-ID: <199605220653.XAA13950@GndRsh.aac.dev.com> In-Reply-To: <Pine.BSF.3.91.960521210454.17971B-100000@haven.uniserve.com> from Tom Samplonius at "May 21, 96 09:20:22 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
>
> On Tue, 21 May 1996, Tom Samplonius wrote:
>
> >
> > On Tue, 21 May 1996, Chris J. Layne wrote:
> >
> > > I think this applies to our cleanup of /tmp in /etc/rc
> >
> > I think it doesn't.
> >
> > Our rm removes links, not files pointed to by links. So:
> >
> > cd /tmp
> > ln -s /etc/passwd thing
> > rm thing
> >
> > will remove the link, not /etc/passwd.
>
> I don't know what I was thinking when I wrote that:
>
> cd /tmp
> ln -s /etc b
> rm b/passwd
>
> will remove /etc/passwd.
>
> However, I don't believe that this method can exploited with
> the standard /etc/rc because we use "rm -rf". I don't find should be
> doing a depth-first traversal in this case.
/etc/rc is not the problem, /etc/*ly is:
SkyRsh# grep exec /etc/*ly
/etc/daily: find . ! -name . -mtime +7 -exec rm -f -- {} \; ; }
^^^^^^^^^^^
/etc/daily: find . ! -name . -mtime +7 -exec rm -f -- {} \; ; }
^^^^^^^^^^^
/etc/daily:# -a -atime +3 -exec rm -f -- {} \;
^^^^^^^^^^^
/etc/weekly:PATH=/bin:/sbin:/usr/sbin:/usr/bin:/usr/libexec
/etc/weekly:#find /usr/src -name '*.o' -atime +21 -print -a -exec rm -f {} \;
^^^^^^^^^^^
/etc/weekly:echo /usr/libexec/locate.updatedb | nice -5 su -m nobody 2>&1 |\
>
> I'll get sleep before I comment more.
>
> Tom
>
--
Rod Grimes rgrimes@gndrsh.aac.dev.com
Accurate Automation Company Reliable computers for FreeBSD
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199605220653.XAA13950>